EP2579637A1 - Method and apparatus for monitoring process of subscribing wap services - Google Patents

Method and apparatus for monitoring process of subscribing wap services Download PDF

Info

Publication number
EP2579637A1
EP2579637A1 EP11786021.3A EP11786021A EP2579637A1 EP 2579637 A1 EP2579637 A1 EP 2579637A1 EP 11786021 A EP11786021 A EP 11786021A EP 2579637 A1 EP2579637 A1 EP 2579637A1
Authority
EP
European Patent Office
Prior art keywords
service
information
request terminal
subscribed
wap
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
EP11786021.3A
Other languages
German (de)
French (fr)
Other versions
EP2579637B1 (en
EP2579637A4 (en
Inventor
Shouping Li
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Publication of EP2579637A4 publication Critical patent/EP2579637A4/en
Publication of EP2579637A1 publication Critical patent/EP2579637A1/en
Application granted granted Critical
Publication of EP2579637B1 publication Critical patent/EP2579637B1/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1466Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/02Processing of mobility data, e.g. registration information at HLR [Home Location Register] or VLR [Visitor Location Register]; Transfer of mobility data, e.g. between HLR, VLR or external networks
    • H04W8/08Mobility data transfer
    • H04W8/12Mobility data transfer between location registers or mobility servers

Definitions

  • the present invention relates to the field of wireless communications technologies, and in particular, to a method and an apparatus for monitoring a WAP service subscribing process.
  • the existing WAP service subscribing procedure lacks an effective security protection mechanism. After the unauthorized program is implanted in the WAP system, the system cannot identify an unauthorized message, and therefore the WAP services are under unauthorized subscription or used for free, thereby causing economic losses of an authorized user or an operator.
  • Embodiments of the present invention provide a method and an apparatus for monitoring a WAP service subscribing process so as to effectively improve security of a WAP service subscribing procedure.
  • a first aspect of present invention provides a method for monitoring a WAP service subscribing process, where the method includes:
  • a second aspect of the present invention provides an apparatus for monitoring a WAP service subscribing process, where the apparatus includes:
  • an embodiment of the present invention provides a method for monitoring a WAP service subscribing process.
  • the procedure of the method is shown in FIG 1 , and the specific implementation manner is as follows:
  • the cached information at least does not include one of the following information: the information of the service to be subscribed and the information of the corresponding request terminal that are obtained from the egress of the WAP gateway), perform S105: send alarm information.
  • a direction of the egress of the WAP gateway refers to a direction in which the WAP gateway sends data to a core network/a service network; and a direction of the egress of the access network gateway refers to a direction in which the access network gateway sends data to the WAP gateway.
  • the access network gateway refers to a gateway which forwards communication data between the request terminal and the WAP gateway.
  • the information obtained from the egress of the WAP gateway and the information obtained from the egress of the access network gateway are compared, for example, if an unauthorized service request is sent by an unauthorized program which is implanted in the WAP gateway, the service request information cannot be found in the cached information which is obtained from the egress of the access network gateway; thereby judging whether WAP service subscription is authorized, and effectively preventing an act of unauthorized subscription to the WAP service.
  • detection points are set respectively at the egress of the WAP gateway and the egress of the access network gateway which communicates with the WAP gateway, and information obtained by the detection points is parsed to implement the monitoring on the WAP service subscribing process. According to a difference in the detection points information, the embodiment of the present invention provides two implementation manners for obtaining information.
  • the specific implementation manner of the foregoing S 1 02 includes: a detection point which is set at the egress of the WAP gateway obtains a service request message of the request terminal, and parses the service request message to obtain the information of the service to be subscribed and the information of the corresponding request terminal that are in the service request message;
  • the information of the service to be subscribed includes a network address of the service to be subscribed (in the embodiment of the present invention, the address may be an IP address, and may also be a URL (Uniform Resource Location, uniform resource locator) address);
  • the information of the request terminal includes identification information of the foregoing request terminal (in an embodiment of the present invention, the identification information may be a mobile phone number of the request terminal, an IMSI (International Mobile Subscriber Identity, international mobile subscriber identity), or a subscriber pseudo code, and so on).
  • the specific implementation manner of the foregoing S101 includes: a detection point which is set at the egress of the foregoing access network gateway obtains an online request message of the request terminal, parses the online request message to obtain and cache the information of the request terminal, where the information is carried in the online request message; the information of the request terminal includes an IP address of the foregoing request terminal and identification information of the request terminal, and correspondence between the IP address of the request terminal and the identification information of the request terminal is further cached; the detection point which is set at the egress of the foregoing access network gateway also obtains the service request message of the foregoing request terminal, parses the service request message to obtain and cache the information of the service to be subscribed, where the information is carried in the service request message; the information of the service to be subscribed includes the network address of the service to be subscribed, and correspondence between the IP address of the request terminal and the network address of the service to be subscribed is further cached.
  • the network address of the service to be subscribed and identification information of the request terminal may be obtained according to preset identification information of the WAP service to be monitored (the identification information may be an IP address of the WAP service, or a URL address of the WAP service, and so on), where the network address of the service to be subscribed is carried in the service request message of a WAP service to be monitored.
  • the embodiment of the present invention may further include S106a: the detection point which is set at the egress of the access network gateway obtains an offline request message of the foregoing request terminal, parses the offline request message to obtain the IP address of the request terminal and the identification information of the request terminal that are carried in the offline request message; according to the IP address of the request terminal and the identification information of the request terminal, deletes corresponding IP address of the request terminal and identification information of the request terminal, and the correspondence between the IP address of the request terminal and the identification information of the request terminal, where the corresponding IP address and identification information, and the correspondence are in the cache, and deletes the correspondence between the IP address of the corresponding request terminal and the network of the service to be subscribed, and the network address of the service to be subscribed, where the correspondence and the network address are in the cache.
  • the specific implementation manner of the foregoing monitoring the WAP service subscribing process is as follows:
  • perform S1034a judge whether the foregoing cached network address is the same as the foregoing network address which is of the service to be subscribed and which is obtained from the egress of the WAP gateway. If the network addresses are the same, the subscription service is regarded as an authorized service, and the foregoing S104 is performed. Otherwise, the subscription service is an unauthorized service, and the foregoing S105 is performed.
  • the specific implementation manner of the foregoing S102 includes: a detection point which is set at the egress of the WAP gateway obtains a service request message of the request terminal, and parses the service request message to obtain information of the service to be subscribed and information of the corresponding request terminal that are in the service request message; the information of the service to be subscribed includes a network address of the service to be subscribed, and the information of the request terminal includes identification information of the foregoing request terminal.
  • the specific implementation manner of the foregoing S101 includes: a detection point which is set at the egress of the foregoing access network gateway obtains an online request message of the request terminal, and parses the online request message to obtain and cache information which is of the request terminal and which is carried in the online request message, where the information of the request terminal includes identification information of the foregoing request terminal; the detection point which is set at the egress of the foregoing access network gateway also obtains a service request message of the foregoing request terminal, parses the service request message to obtain and cache information which is of the service to be subscribed and which is carried in the service request message, where the information of the service to be subscribed includes a network address of the service to be subscribed, and caches correspondence between the identification information of the request terminal and the network address of the service to be subscribed.
  • a target WAP service that is set may be monitored, and then in S102, specifically, the network address of the service to be subscribed and the identification information of the request terminal that are carried in the service request message for a WAP service to be monitored may be obtained according to preset identification information of the WAP service to be monitored.
  • the embodiment of the present invention further includes S106b: the detection point which is set at the egress of the access network gateway obtains an offline request message of the foregoing request terminal, parses the offline request message to obtain the identification information which is of the request terminal and which is carried in the offline request message; and according to the identification information of the request terminal, deletes the identification information of the corresponding request terminal in the cache, and deletes the correspondence between the identification information of the corresponding request terminal and the network address of the service to be subscribed, and the network address of the service to be subscribed, where the correspondence and the network address are in the cache.
  • the specific implementation manner of the foregoing monitoring the WAP service subscribing process is as follows:
  • a GGSN Gateway GPRS Support Node, gateway GPRS support node, GPRS General Packet Radio Service, general packet radio technology
  • the WAP gateway is in charge of transmitting a communication message between the GGSN and a WAP service server.
  • a Portal (a type of webpage application technology) server, an AS (Application Server, application server), and an SP/CP (Service Provider/Content Provider, service provider/content provider) serve to provide network services to the terminal.
  • a first detection point is set at an egress of the GGSN.
  • each GGSN is shown in a schematic diagram of the network architecture in FIG 2 , in the practical application process, multiple GGSNs in communication with a same WAP gateway may exist. Accordingly, an egress of each GGSN is set with a first detection point. A second detection point is set at the egress of the WAP gateway. An apparatus for monitoring the WAP service subscribing process is connected to the first detection point and the second detection point to analyze and process monitoring data.
  • a WAP service subscribing procedure in which a monitoring method provided in an embodiment of the present invention is applied is shown in FIG. 3 , a specific implementation manner is as follows: S301: A GGSN receives and forwards an online request message (Accounting-Request Start) which is initiated by a request terminal. S302: Obtain the foregoing online request message through a first detection point and parse the message to obtain an IP address of the request terminal and identification information of the mobile terminal that are carried in the message. In this application embodiment, the identification information is a mobile phone number. S303: Cache the IP address and the mobile phone number of the request terminal, and correspondence between the IP address and the mobile phone number.
  • Table 1 IP address Mobile phone number Request terminal 1 211.200.138.0 13811122111 Request terminal 2 211.200.131.3 13400011000 Request terminal N 211.200.124.0 13633355000
  • S304 After receiving the foregoing online request message, a WAP gateway replies with an online response message (Accounting-Response) through the foregoing GGSN to the request terminal.
  • S305 The GGSN receives and forwards a service request message initiated by the foregoing request terminal.
  • S306 Obtain the foregoing WAP service request message through the first detection point and parse the message to obtain a network address which is of the WAP service to be subscribed and which is carried in the message.
  • the network address is a URL address of the WAP service to be subscribed.
  • S307 Cache the foregoing URL address of the WAP service to be subscribed, and correspondence between the URL address of the WAP service to be subscribed and the IP address which is of the request terminal and which is obtained in S302. It is taken as an example rather than limitation that it may be cached in the form of a table. The specific implementation manner is shown in Table 2. Table 2 IP address URL of the WAP service to be subscribed Request terminal 1 211.200.138.
  • the WAP gateway After receiving the foregoing service request message, the WAP gateway adds user forward information into the service request message and forwards the message. It is taken as an example rather than limitation that the user forward information (the user forward information may be the mobile phone number of the request terminal) may be added through an X-Up-Calling-Line-ID field.
  • S309 Through a second detection point, obtain the foregoing service request message which is added with the user forward information; and parse the message to obtain the URL address of the WAP service to be subscribed and the mobile phone number of the request terminal.
  • S310 An apparatus for monitoring a WAP service subscribing process searches for, according to the mobile phone number obtained by the second detection point, the information cached in S303. If the same mobile phone number is found and the IP address which is corresponding to the mobile phone number is found, S311 is performed; otherwise, the foregoing service request message is regarded as an unauthorized message, and alarm information is sent to a system.
  • S311 The apparatus for monitoring the WAP service subscribing process searches for, according to the information cached in S307, the URL address which is of the WAP service to be subscribed and which is corresponding to the foregoing IP address. If the corresponding URL address of the WAP service to be subscribed is found, S312 is performed; otherwise, the foregoing service request message is regarded as the unauthorized message, and the alarm information is sent to the system.
  • S312 The apparatus for monitoring the WAP service subscribing process judges whether the URL address which is in a cached message and which is found in S311 is the same as the URL address obtained by the second detection point. If the addresses are the same, the foregoing service request message is regarded as an authorized message.
  • the foregoing service request message is regarded as an unauthorized message, and the alarm information is sent to the system.
  • S313 The GGSN receives and forwards an offline request message (Accounting-Request Stop) which is initiated by the request terminal.
  • S314 Obtain the foregoing offline request message through the first detection point and parse the message to obtain the IP address and the mobile phone number of the request terminal that are carried in the message, and delete corresponding information in a cache according to the information obtained through parsing.
  • the corresponding information includes the IP address of the request terminal, the mobile phone number of the request terminal, the corresponding URL address of the WAP service to be subscribed, and the correspondence between the IP address and the mobile phone number of the request terminal and between the IP address of the request terminal and the URL address of the WAP service to be subscribed.
  • S315 After receiving the foregoing offline request message, the WAP gateway replies with an offline response message (Accounting-Response) through the GGSN to the request terminal.
  • the foregoing alarm information may include the information of the WAP service to be subscribed and/or the information of the request terminal, so that the system can reserve information of an unauthorized service to facilitate obtaining evidence or actively monitoring the unauthorized service.
  • the apparatus for monitoring the WAP service subscribing process may notify the WAP gateway of stopping the WAP service subscription.
  • the information of the request terminal is obtained through obtaining and parsing a Radius message (for example, the online request message and the offline request message) at the first detection point.
  • the information of the WAP service to be subscribed and the information of the request terminal are obtained through obtaining and parsing an HTTP message and a WSP message (for example, the service request message) at the first detection point.
  • the information obtained by the two detection points are compared to judge whether the service request message at the egress of the WAP gateway is an authorized service request sent by the request terminal, the security of the WAP service subscribing process is effectively improved, and economic losses of a user and an operator are avoided.
  • the apparatus for monitoring the WAP service subscribing process may set identification information of a target WAP service, and only monitor the target WAP service. It is taken as an example rather than limitation that, Ring Back Tone downloading is set to be the target WAP service, and then the apparatus for monitoring the WAP service subscribing process saves an IP address (for example, 218.200.169.*) of the service. Accordingly, in S309 of the foregoing first application embodiment of the present invention, the URL address of a target WAP service to be subscribed and the mobile phone number of the request terminal are obtained.
  • a network architecture as shown in FIG. 2 is still taken as an example. Its processing process is shown in FIG. 4 , and a specific implementation manner is as follows: S401: A GGSN receives and forwards an online request message (Accounting-Request Start) which is initiated by a request terminal. S402: Obtain the foregoing online request message through a first detection point and parse the message to obtain a mobile phone number which is of the request terminal and which is carried in the message. S403: Cache the mobile phone number of the request terminal.
  • S404 After receiving the foregoing online request message, a WAP gateway replies with an online response message (Accounting-Response) through the foregoing GGSN to the request terminal.
  • S405 The GGSN receives and forwards a service request message initiated by the foregoing request terminal.
  • S406 Obtain the foregoing WAP service request message through the first detection point and parse the message to obtain a network address which is of a WAP service to be subscribed and which is carried in the message.
  • the network address is a URL address of the WAP service to be subscribed.
  • S407 Cache the URL address of the foregoing WAP service to be subscribed, and correspondence between the URL address of the WAP service to be subscribed and the mobile phone number which is of the request terminal and which is obtained in the S402. It is taken as an example rather than limitation that it may be cached in a form of a table. The specific implementation manner is shown in Table 3.
  • S409 Through a second detection point, obtain the foregoing service request message which is added with the user forward information; and parse the message to obtain the URL address of the WAP service to be subscribed and the mobile phone number of the request terminal.
  • S410 An apparatus for monitoring a WAP service subscribing process searches for, according to the mobile phone number obtained by the second detection point, the information cached in S407. If the same mobile phone number is found and the URL address which is corresponding to the mobile phone number is found, S411 is performed; otherwise, the foregoing service request message is regarded as an unauthorized message, and alarm information is sent to a system.
  • S411 The apparatus for monitoring the WAP service subscribing process judges whether the URL address which is in the cached message and which is found in S410 is the same as the URL address obtained by the second detection point. If the addresses are the same, the foregoing service request message is regarded as an authorized message. If the addresses are different, the foregoing service request message is regarded as the unauthorized message, and the alarm information is sent to the system.
  • S412 The GGSN receives and forwards an offline request (Accounting-Request Stop) which is initiated by the request terminal.
  • S413 Obtain the foregoing offline request message through the first detection point, parse the message to obtain the mobile phone number which is of the request terminal and which is carried in the message, and delete corresponding information in a cache according to the information obtained through parsing.
  • the corresponding information includes the mobile phone number of the request terminal, the corresponding URL address of the WAP service to be subscribed, and the identification information of the request terminal and the URL address of the WAP service to be subscribed.
  • S414 After receiving the foregoing offline request message, the WAP gateway replies with an offline response message (Accounting-Response) through the GGSN to the request terminal.
  • the second application embodiment of the present invention further simplifies a monitoring and analysis process, thereby improving monitoring efficiency.
  • All or a part of the steps of the foregoing method embodiments may be implemented by a program instructing relevant hardware.
  • the foregoing program may be stored in a computer readable storage medium. When the program runs, the steps of the foregoing method embodiments are performed.
  • the foregoing storage medium may include any medium that can store program codes, such as a ROM, a RAM, a magnetic disk, or a compact disk.
  • the embodiment of the present invention further provides an apparatus for monitoring a WAP service subscribing process. Its structure is shown in FIG. 5 , and a specific implementation structure includes:
  • the embodiment of the present invention provides the apparatus, and information obtained from the egress of the WAP gateway and information obtained from the egress of the access network gateway are compared to judge whether WAP service subscription is authorized, so as to effectively prevent an act of unauthorized subscription to a WAP service.
  • the foregoing second monitoring module 503 may be specifically configured to obtain a service request message of the request terminal, and parse the service request message to obtain the information of the service to be subscribed and the information of the corresponding request terminal that are in the service request message.
  • the information of the service to be subscribed includes a network address of the service to be subscribed, and the information of the request terminal includes identification information of the request terminal.
  • the first monitoring module 501 has two working manners according to a difference in the first monitoring module 501 obtaining the information.
  • the first monitoring module 501 is configured to obtain an online request message of the request terminal and parse the online message to obtain the information which is of the request terminal and which is carried in the online request message.
  • the information of the request terminal includes an IP address of the foregoing request terminal and identification information of the foregoing request terminal.
  • the first monitoring module 501 is further configured to obtain the service request message of the request terminal and parse the service request message to obtain the information which is of the service to be subscribed and which is carried in the service request message.
  • the information of the service to be subscribed includes the network address of the service to be subscribed.
  • the caching module 502 is specifically configured to cache the IP address of the foregoing request terminal, the identification information of the request terminal, and correspondence between the IP address of the request terminal and the identification information of the request terminal, and further cache the network address of the service to be subscribed and correspondence between the IP address of the request terminal and the network address of the service to be subscribed.
  • the second monitoring module 503 is specifically configured to obtain, according to preset identification information of a WAP service to be monitored, the network address of the service to be subscribed and the identification information of the request terminal that are carried in the service request message for the WAP service to be monitored.
  • the first monitoring module 501 is further configured to obtain an offline request message of the request terminal and obtain the IP address of the request terminal and the identification information of the request terminal that are carried in the offline request message.
  • the caching module 502 is further configured to delete, according to the IP address of the request terminal and the identification information of the request terminal, the IP address of the corresponding request terminal, the identification information of the request terminal, and the correspondence between the IP address of the request terminal and the identification information of the request terminal, and delete the network address of the service to be subscribed and the correspondence between the IP address of the corresponding request terminal and the network address of the service to be subscribed.
  • the foregoing service judging module 504 is specifically configured to judge whether the cached information includes the identification information which is of the request terminal and which is obtained from the egress of the WAP gateway; if yes, judge whether the cached information includes the corresponding IP address and the correspondence between the identification information and the IP address of the request terminal; if yes, judge whether the cached information includes the corresponding network address and the correspondence between the IP address of the request terminal and the network address of the service to be subscribed; and if yes, judge whether the cached network address is the same as the network address which is of the service to be subscribed and which is obtained from the egress of the WAP gateway.
  • the service processing module 505 is specifically configured to continue the WAP service subscribing procedure when all of the judgment results of the service judging module 504 are yes, and otherwise, send the alarm information.
  • the first monitoring module 501 is configured to obtain an online request message of the request terminal and parse the online message to obtain information which is of the foregoing request terminal and which is carried in the online message.
  • the information of the request terminal includes identification information of the request terminal.
  • the first monitoring module 501 is is further configured to obtain the service request message of the request terminal and parse the service request message to obtain information which is of the service to be subscribed and which is carried in the service request message.
  • the information of the service to be subscribed includes the network address of the service to be subscribed.
  • the caching module 402 is specifically configured to cache the identification information of the foregoing request terminal, and further cache the network address of the service to be subscribed and correspondence between the identification information of the request terminal and the network address of the service to be subscribed.
  • the second monitoring module 503 is specifically configured to obtain, according to preset identification information of a WAP service to be monitored, the network address of the service to be subscribed and the identification information of the request terminal that are carried in the service request message for the WAP service to be monitored.
  • the first monitoring module 501 is further configured to obtain an offline request message of the request terminal and obtain the identification information which is of the request terminal and which is carried in the offline request message.
  • the caching module 502 is further configured to delete, according to the identification information of the request terminal, the corresponding identification information of the request terminal, and delete the network address of the service to be subscribed and the correspondence between the corresponding identification information of the request terminal and the network address of the service to be subscribed.
  • the foregoing service judging module 504 is specifically configured to judge whether the cached information includes the identification information which is of the request terminal and which is obtained from the egress of the WAP gateway; if yes, judge whether the cached information includes the corresponding network address and the correspondence between the identification information of the request terminal and the network address of the service to be subscribed; if yes, judge whether the cached network address is the same as the network address which is of the service to be subscribed and which is obtained from the egress of the WAP gateway.
  • the service processing module 505 is specifically configured to continue the WAP service subscribing procedure when all of the judgment results of the service judging module 504 are yes, and otherwise, send the alarm information.
  • the service judging module 504, the service processing module 505, and the caching module 502 may be set on the WAP gateway, and may also be set as separate monitoring apparatuses in the network architecture as shown in FIG. 2 .

Abstract

A method for monitoring a WAP service includes: caching information of a service to be subscribed and information of a corresponding request terminal that are obtained from an egress of an access network gateway; obtaining information of the service to be subscribed and information of the corresponding request terminal from an egress of a WAP gateway which communicates with the access network gateway; judging whether cached information includes the information of the service to be subscribed and the information of the corresponding request terminal that are obtained from the egress of the WAP gateway; if a judgment result is yes, continuing a WAP service subscribing procedure; and if the judgment result is no, sending alarm information. Embodiments of the present invention also provide an apparatus for monitoring a WAP service subscribing process. Judge whether WAP service subscription is authorized through comparing information obtained by the egress of a WAP gateway with information obtained by the egress of the access network gateway, so that an act of subscribing to a WAP service by implanting an unauthorized program in the WAP gateway is effectively prevented and economic losses of an authorized user or an operator are avoided.

Description

  • This application claims priority to Chinese Patent Application No. CN 201010193907.6 , filed with the Chinese Patent Office on May 28,2010 and entitled "METHOD AND APPARATUS FOR MONITORING WAP SERVICE SUBSCRIBING PROCESS", which is incorporated herein by reference in its entirety.
    • FIELD OF THE INVENTION
  • The present invention relates to the field of wireless communications technologies, and in particular, to a method and an apparatus for monitoring a WAP service subscribing process.
    • BACKGROUND OF THE INVENTION
  • With rapid development of WAP (Wireless Application Protocol, wireless application protocol) services, attacks aimed at the WAP services become more and more frequent. Implanting an unauthorized program in a WAP system is a common WAP service attack means. This attack manner specifically is that, the unauthorized program is implanted in the WAP system, and the unauthorized program constructs a service subscription request message (the unauthorized service subscription request message carries a mobile phone number of another person) to send to a service processing system, and then performs second confirmation on the subscription message, so as to implement unauthorized service subscription, thereby making profits illegally.
  • During the implementation process of the present invention, the inventor finds that the prior art at least has the following problems.
  • The existing WAP service subscribing procedure lacks an effective security protection mechanism. After the unauthorized program is implanted in the WAP system, the system cannot identify an unauthorized message, and therefore the WAP services are under unauthorized subscription or used for free, thereby causing economic losses of an authorized user or an operator.
    • SUMMARY OF THE INVENTION
  • Embodiments of the present invention provide a method and an apparatus for monitoring a WAP service subscribing process so as to effectively improve security of a WAP service subscribing procedure.
  • A first aspect of present invention provides a method for monitoring a WAP service subscribing process, where the method includes:
    • caching information of a service to be subscribed and information of a corresponding request terminal that are obtained from an egress of an access network gateway;
    • obtaining information of a service to be subscribed and information of a corresponding request terminal from an egress of a Wireless Application Protocol WAP gateway which communicates with the access network gateway;
    • judging whether the cached information of the service to be subscribed and the information of the corresponding request terminal that are obtained from the egress of the access network gateway include the information of the service to be subscribed and the information of the corresponding request terminal that are obtained from the egress of the WAP gateway;
      if a judgment result is yes, continuing a WAP service subscribing procedure; and
      if the judgment result is no, sending alarm information.
  • A second aspect of the present invention provides an apparatus for monitoring a WAP service subscribing process, where the apparatus includes:
    • a first monitoring module, set at an egress of an access network gateway, and configured to obtain information of a service to be subscribed and information of a corresponding request terminal;
    • a caching module, configured to cache the information obtained by the first monitoring module;
    • a second monitoring module, set at an egress of a wireless application protocol WAP gateway which communicates with the access network gateway, and configured to obtain information of a service to be subscribed and information of a corresponding request terminal;
    • a service judging module, configured to judge whether the information cached by the caching module includes the information of the service to be subscribed and the information of the corresponding request terminal that are obtained by the second monitoring module; and
    • a service processing module, configured to continue a WAP service subscribing procedure when a judgment result of the service judging module is yes, and send alarm information when the judgment result of the service judging module is no.
  • It can be seen from the technical solutions provided in the foregoing embodiments of the present invention that, in the embodiments of the present invention, through comparing the information obtained from the egress of the WAP gateway with the information obtained from the egress of the access network gateway; to judge whether WAP service subscription is authorized, an act of subscribing to the WAP service by implanting the unauthorized program in the WAP gateway is effectively prevented, thereby avoiding the economic losses of an authorized user or an operator.
    • BRIEF DESCRIPTION OF THE DRAWING
  • To illustrate the technical solutions of the embodiments of the present invention more clearly, the accompanying drawings required for describing the embodiments are introduced briefly in the following. Apparently, the accompanying drawings in the following description are only some embodiments of the present invention, and persons of ordinary skill in the art can further derive other drawings according to these accompanying drawings without creative efforts.
    • FIG. 1 is a flow chart of a method according to an embodiment of the present invention;
    • FIG. 2 is a schematic structural diagram of a system according to an embodiment of the present invention;
    • FIG. 3, including 3A, 3B, and 3C, is a signaling flow chart of a first embodiment of the present invention;
    • FIG. 4, including 4A, 4B, and 4C, is a signaling flow chart of a second embodiment of the present invention;
    • FIG. 5 is a schematic structural diagram of an apparatus according to an embodiment of the present invention.
    DETAILED DESCRIPTION OF THE EMBODIMENTS
  • The technical solutions in the embodiments of the present invention are clearly and completely described in the following with reference to the accompanying drawings in the embodiments of the present invention. Apparently, the embodiments to be described are only a part rather than all of the embodiments of the present invention. All other embodiments obtained by persons of ordinary skill in the art based on the embodiments of the present invention without creative efforts shall fall within the protection scope of the present invention.
  • In order to improve security of a WAP service subscribing process, an embodiment of the present invention provides a method for monitoring a WAP service subscribing process. The procedure of the method is shown in FIG 1, and the specific implementation manner is as follows:
    • S101: Cache information of a service to be subscribed and information of a corresponding request terminal that are obtained from an egress of an access network gateway.
    • S102: Obtain information of a service to be subscribed and information of a corresponding request terminal from an egress of a WAP gateway which communicates with the foregoing access network gateway.
    • S103: Judge whether the foregoing cached information of the service to be subscribed and information of the corresponding request terminal that are obtained from the egress of the access network gateway include the foregoing information of the service to be subscribed and the information of the corresponding request terminal that are obtained from the egress of the WAP gateway.
  • If a judgment result is yes (that is, the cached information includes the information of the service to be subscribed and the information of the corresponding request terminal that are obtained from the egress of the WAP gateway), perform S104: continue a WAP service subscribing procedure.
  • If the judgment result is no (that is, the cached information at least does not include one of the following information: the information of the service to be subscribed and the information of the corresponding request terminal that are obtained from the egress of the WAP gateway), perform S105: send alarm information.
  • In the embodiment of the present invention, a direction of the egress of the WAP gateway refers to a direction in which the WAP gateway sends data to a core network/a service network; and a direction of the egress of the access network gateway refers to a direction in which the access network gateway sends data to the WAP gateway.
  • In the embodiment of the present invention, the access network gateway refers to a gateway which forwards communication data between the request terminal and the WAP gateway.
  • In the method provided in the embodiment of the present invention, the information obtained from the egress of the WAP gateway and the information obtained from the egress of the access network gateway are compared, for example, if an unauthorized service request is sent by an unauthorized program which is implanted in the WAP gateway, the service request information cannot be found in the cached information which is obtained from the egress of the access network gateway; thereby judging whether WAP service subscription is authorized, and effectively preventing an act of unauthorized subscription to the WAP service.
  • In the method provided in the embodiment of the present invention, detection points are set respectively at the egress of the WAP gateway and the egress of the access network gateway which communicates with the WAP gateway, and information obtained by the detection points is parsed to implement the monitoring on the WAP service subscribing process. According to a difference in the detection points information, the embodiment of the present invention provides two implementation manners for obtaining information.
    • Manner 1
  • The specific implementation manner of the foregoing S 1 02 includes: a detection point which is set at the egress of the WAP gateway obtains a service request message of the request terminal, and parses the service request message to obtain the information of the service to be subscribed and the information of the corresponding request terminal that are in the service request message; the information of the service to be subscribed includes a network address of the service to be subscribed (in the embodiment of the present invention, the address may be an IP address, and may also be a URL (Uniform Resource Location, uniform resource locator) address); the information of the request terminal includes identification information of the foregoing request terminal (in an embodiment of the present invention, the identification information may be a mobile phone number of the request terminal, an IMSI (International Mobile Subscriber Identity, international mobile subscriber identity), or a subscriber pseudo code, and so on). The specific implementation manner of the foregoing S101 includes: a detection point which is set at the egress of the foregoing access network gateway obtains an online request message of the request terminal, parses the online request message to obtain and cache the information of the request terminal, where the information is carried in the online request message; the information of the request terminal includes an IP address of the foregoing request terminal and identification information of the request terminal, and correspondence between the IP address of the request terminal and the identification information of the request terminal is further cached; the detection point which is set at the egress of the foregoing access network gateway also obtains the service request message of the foregoing request terminal, parses the service request message to obtain and cache the information of the service to be subscribed, where the information is carried in the service request message; the information of the service to be subscribed includes the network address of the service to be subscribed, and correspondence between the IP address of the request terminal and the network address of the service to be subscribed is further cached. In the embodiment of the present invention, in order to improve the monitoring efficiency, only a target WAP service that is set may be monitored, and then in S102, specifically, the network address of the service to be subscribed and identification information of the request terminal may be obtained according to preset identification information of the WAP service to be monitored (the identification information may be an IP address of the WAP service, or a URL address of the WAP service, and so on), where the network address of the service to be subscribed is carried in the service request message of a WAP service to be monitored.
  • In addition, after the judgment, the embodiment of the present invention may further include S106a: the detection point which is set at the egress of the access network gateway obtains an offline request message of the foregoing request terminal, parses the offline request message to obtain the IP address of the request terminal and the identification information of the request terminal that are carried in the offline request message; according to the IP address of the request terminal and the identification information of the request terminal, deletes corresponding IP address of the request terminal and identification information of the request terminal, and the correspondence between the IP address of the request terminal and the identification information of the request terminal, where the corresponding IP address and identification information, and the correspondence are in the cache, and deletes the correspondence between the IP address of the corresponding request terminal and the network of the service to be subscribed, and the network address of the service to be subscribed, where the correspondence and the network address are in the cache. Accordingly, the specific implementation manner of the foregoing monitoring the WAP service subscribing process is as follows:
    • S1031a: Judge whether the cached information includes the identification information which is of the request terminal and which is obtained from the egress of the WAP gateway.
  • If a judgment result of S1031a is yes, perform S1032a: judge whether the cached information includes the corresponding IP address and the correspondence between the identification information of the request terminal and the IP address of the request terminal; if the judgment result of S 1031a is no, perform the foregoing S105.
  • If a judgment result of S 1 032a is yes, perform S1033a: judge whether the cached information includes a corresponding network address and the correspondence between the IP address of the foregoing request terminal and the network address of the service to be subscribed; if the judgment result of S1032a is no, perform the foregoing S105.
  • If a judgment result of S1033a is yes, perform S1034a: judge whether the foregoing cached network address is the same as the foregoing network address which is of the service to be subscribed and which is obtained from the egress of the WAP gateway. If the network addresses are the same, the subscription service is regarded as an authorized service, and the foregoing S104 is performed. Otherwise, the subscription service is an unauthorized service, and the foregoing S105 is performed.
    • Manner 2
  • The specific implementation manner of the foregoing S102 includes: a detection point which is set at the egress of the WAP gateway obtains a service request message of the request terminal, and parses the service request message to obtain information of the service to be subscribed and information of the corresponding request terminal that are in the service request message; the information of the service to be subscribed includes a network address of the service to be subscribed, and the information of the request terminal includes identification information of the foregoing request terminal. The specific implementation manner of the foregoing S101 includes: a detection point which is set at the egress of the foregoing access network gateway obtains an online request message of the request terminal, and parses the online request message to obtain and cache information which is of the request terminal and which is carried in the online request message, where the information of the request terminal includes identification information of the foregoing request terminal; the detection point which is set at the egress of the foregoing access network gateway also obtains a service request message of the foregoing request terminal, parses the service request message to obtain and cache information which is of the service to be subscribed and which is carried in the service request message, where the information of the service to be subscribed includes a network address of the service to be subscribed, and caches correspondence between the identification information of the request terminal and the network address of the service to be subscribed. In the embodiment of the present invention, in order to improve the monitoring efficiency, only a target WAP service that is set may be monitored, and then in S102, specifically, the network address of the service to be subscribed and the identification information of the request terminal that are carried in the service request message for a WAP service to be monitored may be obtained according to preset identification information of the WAP service to be monitored. In addition, after the judgment, the embodiment of the present invention further includes S106b: the detection point which is set at the egress of the access network gateway obtains an offline request message of the foregoing request terminal, parses the offline request message to obtain the identification information which is of the request terminal and which is carried in the offline request message; and according to the identification information of the request terminal, deletes the identification information of the corresponding request terminal in the cache, and deletes the correspondence between the identification information of the corresponding request terminal and the network address of the service to be subscribed, and the network address of the service to be subscribed, where the correspondence and the network address are in the cache. Accordingly, the specific implementation manner of the foregoing monitoring the WAP service subscribing process is as follows:
    • S1031b: Judge whether the cached information includes the identification information which is of the request terminal and which is obtained from the egress of the WAP gateway.
  • If a judgment result of S1031b is yes, perform S1032b: judge whether the cached information includes the corresponding network address and the correspondence between the identification information of the foregoing request terminal and the network address of the service to be subscribed; if a judgment result of S1032b is no, perform the foregoing S105.
  • If the judgment result of S1032b is yes, perform S1033b: judge whether the foregoing cached network address is the same as the foregoing network address which is of the service to be subscribed and which is obtained from the egress of the WAP gateway. If the addresses are the same, the subscription service is regarded as an authorized service, and the foregoing S104 is performed; otherwise, the subscription service is an unauthorized service, and the foregoing S105 is performed.
  • The specific implementation manner of the embodiment of the present invention in a practical application process is described in detail in the following.
  • In a network architecture as shown in FIG. 2, a GGSN (Gateway GPRS Support Node, gateway GPRS support node, GPRS General Packet Radio Service, general packet radio technology) as an access network gateway, is in charge of transmitting a communication between a terminal and a wireless network. The WAP gateway is in charge of transmitting a communication message between the GGSN and a WAP service server. A Portal (a type of webpage application technology) server, an AS (Application Server, application server), and an SP/CP (Service Provider/Content Provider, service provider/content provider) serve to provide network services to the terminal. A first detection point is set at an egress of the GGSN. It should be noted that, although only one GGSN is shown in a schematic diagram of the network architecture in FIG 2, in the practical application process, multiple GGSNs in communication with a same WAP gateway may exist. Accordingly, an egress of each GGSN is set with a first detection point. A second detection point is set at the egress of the WAP gateway. An apparatus for monitoring the WAP service subscribing process is connected to the first detection point and the second detection point to analyze and process monitoring data.
    • Embodiment 1
  • Taking a network architecture as shown in FIG. 2 as an example, a WAP service subscribing procedure in which a monitoring method provided in an embodiment of the present invention is applied is shown in FIG. 3, a specific implementation manner is as follows:
    S301: A GGSN receives and forwards an online request message (Accounting-Request Start) which is initiated by a request terminal.
    S302: Obtain the foregoing online request message through a first detection point and parse the message to obtain an IP address of the request terminal and identification information of the mobile terminal that are carried in the message. In this application embodiment, the identification information is a mobile phone number.
    S303: Cache the IP address and the mobile phone number of the request terminal, and correspondence between the IP address and the mobile phone number. It is taken as an example rather than limitation that it may be cached in a form of a table. The specific implementation manner is shown in Table 1. Table 1
    IP address Mobile phone number
    Request terminal
    1 211.200.138.0 13811122111
    Request terminal 2 211.200.131.3 13400011000
    Request terminal N 211.200.124.0 13633355000

    S304: After receiving the foregoing online request message, a WAP gateway replies with an online response message (Accounting-Response) through the foregoing GGSN to the request terminal.
    S305: The GGSN receives and forwards a service request message initiated by the foregoing request terminal.
    S306: Obtain the foregoing WAP service request message through the first detection point and parse the message to obtain a network address which is of the WAP service to be subscribed and which is carried in the message. In this application embodiment, the network address is a URL address of the WAP service to be subscribed.
    S307: Cache the foregoing URL address of the WAP service to be subscribed, and correspondence between the URL address of the WAP service to be subscribed and the IP address which is of the request terminal and which is obtained in S302. It is taken as an example rather than limitation that it may be cached in the form of a table. The specific implementation manner is shown in Table 2. Table 2
    IP address URL of the WAP service to be subscribed
    Request terminal 1 211.200.138. 0 http://www.ietf.org/rfc/rfc1738.html
    Request terminal 2 211.200.131. 3 http://rfc.sunsite.dk/rfc/rfc1721.html
    Request terminal N 211.200.124. 0 http://04e1d3d7.linkbucks.com

    S308: After receiving the foregoing service request message, the WAP gateway adds user forward information into the service request message and forwards the message. It is taken as an example rather than limitation that the user forward information (the user forward information may be the mobile phone number of the request terminal) may be added through an X-Up-Calling-Line-ID field.
    S309: Through a second detection point, obtain the foregoing service request message which is added with the user forward information; and parse the message to obtain the URL address of the WAP service to be subscribed and the mobile phone number of the request terminal.
    S310: An apparatus for monitoring a WAP service subscribing process searches for, according to the mobile phone number obtained by the second detection point, the information cached in S303. If the same mobile phone number is found and the IP address which is corresponding to the mobile phone number is found, S311 is performed; otherwise, the foregoing service request message is regarded as an unauthorized message, and alarm information is sent to a system.
    S311: The apparatus for monitoring the WAP service subscribing process searches for, according to the information cached in S307, the URL address which is of the WAP service to be subscribed and which is corresponding to the foregoing IP address. If the corresponding URL address of the WAP service to be subscribed is found, S312 is performed; otherwise, the foregoing service request message is regarded as the unauthorized message, and the alarm information is sent to the system.
    S312: The apparatus for monitoring the WAP service subscribing process judges whether the URL address which is in a cached message and which is found in S311 is the same as the URL address obtained by the second detection point. If the addresses are the same, the foregoing service request message is regarded as an authorized message. If the addresses are different, the foregoing service request message is regarded as an unauthorized message, and the alarm information is sent to the system.
    S313: The GGSN receives and forwards an offline request message (Accounting-Request Stop) which is initiated by the request terminal.
    S314: Obtain the foregoing offline request message through the first detection point and parse the message to obtain the IP address and the mobile phone number of the request terminal that are carried in the message, and delete corresponding information in a cache according to the information obtained through parsing. The corresponding information includes the IP address of the request terminal, the mobile phone number of the request terminal, the corresponding URL address of the WAP service to be subscribed, and the correspondence between the IP address and the mobile phone number of the request terminal and between the IP address of the request terminal and the URL address of the WAP service to be subscribed.
    S315: After receiving the foregoing offline request message, the WAP gateway replies with an offline response message (Accounting-Response) through the GGSN to the request terminal.
  • The foregoing alarm information may include the information of the WAP service to be subscribed and/or the information of the request terminal, so that the system can reserve information of an unauthorized service to facilitate obtaining evidence or actively monitoring the unauthorized service. After sending the alarm information, the apparatus for monitoring the WAP service subscribing process may notify the WAP gateway of stopping the WAP service subscription.
  • In the foregoing first application embodiment of the present invention, the information of the request terminal is obtained through obtaining and parsing a Radius message (for example, the online request message and the offline request message) at the first detection point. The information of the WAP service to be subscribed and the information of the request terminal are obtained through obtaining and parsing an HTTP message and a WSP message (for example, the service request message) at the first detection point. The information obtained by the two detection points are compared to judge whether the service request message at the egress of the WAP gateway is an authorized service request sent by the request terminal, the security of the WAP service subscribing process is effectively improved, and economic losses of a user and an operator are avoided.
  • In the practical application process, if all WAP services are monitored, a bandwidth burden of the system may be increased. In consideration of both the security and the monitoring efficiency, the apparatus for monitoring the WAP service subscribing process may set identification information of a target WAP service, and only monitor the target WAP service. It is taken as an example rather than limitation that, Ring Back Tone downloading is set to be the target WAP service, and then the apparatus for monitoring the WAP service subscribing process saves an IP address (for example, 218.200.169.*) of the service. Accordingly, in S309 of the foregoing first application embodiment of the present invention, the URL address of a target WAP service to be subscribed and the mobile phone number of the request terminal are obtained.
    • Embodiment 2
  • In a second application embodiment provided in the preset invention, a network architecture as shown in FIG. 2 is still taken as an example. Its processing process is shown in FIG. 4, and a specific implementation manner is as follows:
    S401: A GGSN receives and forwards an online request message (Accounting-Request Start) which is initiated by a request terminal.
    S402: Obtain the foregoing online request message through a first detection point and parse the message to obtain a mobile phone number which is of the request terminal and which is carried in the message.
    S403: Cache the mobile phone number of the request terminal.
    S404: After receiving the foregoing online request message, a WAP gateway replies with an online response message (Accounting-Response) through the foregoing GGSN to the request terminal.
    S405: The GGSN receives and forwards a service request message initiated by the foregoing request terminal.
    S406: Obtain the foregoing WAP service request message through the first detection point and parse the message to obtain a network address which is of a WAP service to be subscribed and which is carried in the message. In this application embodiment, the network address is a URL address of the WAP service to be subscribed.
    S407: Cache the URL address of the foregoing WAP service to be subscribed, and correspondence between the URL address of the WAP service to be subscribed and the mobile phone number which is of the request terminal and which is obtained in the S402. It is taken as an example rather than limitation that it may be cached in a form of a table. The specific implementation manner is shown in Table 3. Table 3
    Mobile phone number URL of the WAP service to be subscribed
    Request terminal 1 13811122111 http://www.ietf.org/rfc/rfc1738.html
    Request terminal 2 13400011000 http://rfc.sunsite.dk/rfc/rfc1721.html
    Request terminal N 13633355000 http://04e1d3d7.linkbucks.com

    S408: After receiving the foregoing service request message, the WAP gateway adds user forward information into the service request message and forwards the message. It is taken as an example rather than limitation that, the user forward information (the user forward information may be the mobile phone number of the request terminal) may be added through an X-Up-Calling-Line-ID field.
    S409: Through a second detection point, obtain the foregoing service request message which is added with the user forward information; and parse the message to obtain the URL address of the WAP service to be subscribed and the mobile phone number of the request terminal.
    S410: An apparatus for monitoring a WAP service subscribing process searches for, according to the mobile phone number obtained by the second detection point, the information cached in S407. If the same mobile phone number is found and the URL address which is corresponding to the mobile phone number is found, S411 is performed; otherwise, the foregoing service request message is regarded as an unauthorized message, and alarm information is sent to a system.
    S411: The apparatus for monitoring the WAP service subscribing process judges whether the URL address which is in the cached message and which is found in S410 is the same as the URL address obtained by the second detection point. If the addresses are the same, the foregoing service request message is regarded as an authorized message. If the addresses are different, the foregoing service request message is regarded as the unauthorized message, and the alarm information is sent to the system.
    S412: The GGSN receives and forwards an offline request (Accounting-Request Stop) which is initiated by the request terminal.
    S413: Obtain the foregoing offline request message through the first detection point, parse the message to obtain the mobile phone number which is of the request terminal and which is carried in the message, and delete corresponding information in a cache according to the information obtained through parsing. The corresponding information includes the mobile phone number of the request terminal, the corresponding URL address of the WAP service to be subscribed, and the identification information of the request terminal and the URL address of the WAP service to be subscribed.
    S414: After receiving the foregoing offline request message, the WAP gateway replies with an offline response message (Accounting-Response) through the GGSN to the request terminal.
  • It can be seen that, the second application embodiment of the present invention further simplifies a monitoring and analysis process, thereby improving monitoring efficiency.
  • All or a part of the steps of the foregoing method embodiments may be implemented by a program instructing relevant hardware. The foregoing program may be stored in a computer readable storage medium. When the program runs, the steps of the foregoing method embodiments are performed. The foregoing storage medium may include any medium that can store program codes, such as a ROM, a RAM, a magnetic disk, or a compact disk.
  • The embodiment of the present invention further provides an apparatus for monitoring a WAP service subscribing process. Its structure is shown in FIG. 5, and a specific implementation structure includes:
    • a first monitoring module 501, set at an egress of an access network gateway, and configured to obtain information of a service to be subscribed and information of a corresponding request terminal;
    • a caching module 502, configured to cache the information obtained by the first monitoring module 501;
    • a second monitoring module 503, set at an egress of a wireless application protocol WAP gateway which communicates with the foregoing access network gateway, and configured to obtain information of a service to be subscribed and information of a corresponding request terminal;
    • a service judging module 504, configured to judge whether the information cached by the caching module 502 includes the information of the service to be subscribed and the information of the corresponding request terminal that are obtained by the second monitoring module 503; and
    • a service processing module 505, configured to continue a WAP service subscribing procedure when a judgment result of the service judging module 504 is yes (that is, the cached information includes the information of the service to be subscribed and the information of the corresponding request terminal that are obtained from the egress of the WAP gateway), and send alarm information if the judgment result of the service judging module is no (that is, the cached information at least does not include one of the information of the service to be subscribed and the information of the corresponding request terminal that are obtained from the egress of the WAP gateway).
  • The embodiment of the present invention provides the apparatus, and information obtained from the egress of the WAP gateway and information obtained from the egress of the access network gateway are compared to judge whether WAP service subscription is authorized, so as to effectively prevent an act of unauthorized subscription to a WAP service.
  • The foregoing second monitoring module 503 may be specifically configured to obtain a service request message of the request terminal, and parse the service request message to obtain the information of the service to be subscribed and the information of the corresponding request terminal that are in the service request message. The information of the service to be subscribed includes a network address of the service to be subscribed, and the information of the request terminal includes identification information of the request terminal.
  • In the embodiment of the present invention, the first monitoring module 501 has two working manners according to a difference in the first monitoring module 501 obtaining the information.
  • In a first manner, the first monitoring module 501 is configured to obtain an online request message of the request terminal and parse the online message to obtain the information which is of the request terminal and which is carried in the online request message. The information of the request terminal includes an IP address of the foregoing request terminal and identification information of the foregoing request terminal. The first monitoring module 501 is further configured to obtain the service request message of the request terminal and parse the service request message to obtain the information which is of the service to be subscribed and which is carried in the service request message. The information of the service to be subscribed includes the network address of the service to be subscribed. Accordingly, the caching module 502 is specifically configured to cache the IP address of the foregoing request terminal, the identification information of the request terminal, and correspondence between the IP address of the request terminal and the identification information of the request terminal, and further cache the network address of the service to be subscribed and correspondence between the IP address of the request terminal and the network address of the service to be subscribed. In order to improve monitoring efficiency, only a target WAP service that is set may be monitored, and then the second monitoring module 503 is specifically configured to obtain, according to preset identification information of a WAP service to be monitored, the network address of the service to be subscribed and the identification information of the request terminal that are carried in the service request message for the WAP service to be monitored. After the service judging module 504 performs judgment, the first monitoring module 501 is further configured to obtain an offline request message of the request terminal and obtain the IP address of the request terminal and the identification information of the request terminal that are carried in the offline request message. The caching module 502 is further configured to delete, according to the IP address of the request terminal and the identification information of the request terminal, the IP address of the corresponding request terminal, the identification information of the request terminal, and the correspondence between the IP address of the request terminal and the identification information of the request terminal, and delete the network address of the service to be subscribed and the correspondence between the IP address of the corresponding request terminal and the network address of the service to be subscribed. Accordingly, the foregoing service judging module 504 is specifically configured to judge whether the cached information includes the identification information which is of the request terminal and which is obtained from the egress of the WAP gateway; if yes, judge whether the cached information includes the corresponding IP address and the correspondence between the identification information and the IP address of the request terminal; if yes, judge whether the cached information includes the corresponding network address and the correspondence between the IP address of the request terminal and the network address of the service to be subscribed; and if yes, judge whether the cached network address is the same as the network address which is of the service to be subscribed and which is obtained from the egress of the WAP gateway. The service processing module 505 is specifically configured to continue the WAP service subscribing procedure when all of the judgment results of the service judging module 504 are yes, and otherwise, send the alarm information.
  • In a second manner, the first monitoring module 501 is configured to obtain an online request message of the request terminal and parse the online message to obtain information which is of the foregoing request terminal and which is carried in the online message. The information of the request terminal includes identification information of the request terminal. The first monitoring module 501 is is further configured to obtain the service request message of the request terminal and parse the service request message to obtain information which is of the service to be subscribed and which is carried in the service request message. The information of the service to be subscribed includes the network address of the service to be subscribed. Accordingly, the caching module 402 is specifically configured to cache the identification information of the foregoing request terminal, and further cache the network address of the service to be subscribed and correspondence between the identification information of the request terminal and the network address of the service to be subscribed. In order to improve monitoring efficiency, only a target WAP service that is set may be monitored, and then the second monitoring module 503 is specifically configured to obtain, according to preset identification information of a WAP service to be monitored, the network address of the service to be subscribed and the identification information of the request terminal that are carried in the service request message for the WAP service to be monitored. After the service judging module 504 performs judgment, the first monitoring module 501 is further configured to obtain an offline request message of the request terminal and obtain the identification information which is of the request terminal and which is carried in the offline request message. The caching module 502 is further configured to delete, according to the identification information of the request terminal, the corresponding identification information of the request terminal, and delete the network address of the service to be subscribed and the correspondence between the corresponding identification information of the request terminal and the network address of the service to be subscribed. Accordingly, the foregoing service judging module 504 is specifically configured to judge whether the cached information includes the identification information which is of the request terminal and which is obtained from the egress of the WAP gateway; if yes, judge whether the cached information includes the corresponding network address and the correspondence between the identification information of the request terminal and the network address of the service to be subscribed; if yes, judge whether the cached network address is the same as the network address which is of the service to be subscribed and which is obtained from the egress of the WAP gateway. The service processing module 505 is specifically configured to continue the WAP service subscribing procedure when all of the judgment results of the service judging module 504 are yes, and otherwise, send the alarm information.
  • In the apparatus provided in the embodiment of the present invention, the service judging module 504, the service processing module 505, and the caching module 502 may be set on the WAP gateway, and may also be set as separate monitoring apparatuses in the network architecture as shown in FIG. 2.
  • The foregoing descriptions are merely exemplary embodiments of the present invention, but are not intended to limit the protection scope of the present invention. Any modification and replacement that can be easily thought of by persons skilled in the art within the technical scope disclosed by the present invention shall fall within the protection scope of the present invention. Therefore, the protection scope of the present invention should be subject to the protection scope of the claims.

Claims (16)

  1. A method for monitoring a WAP service subscribing process, comprising:
    caching information of a service to be subscribed and information of a corresponding request terminal that are obtained from an egress of an access network gateway;
    obtaining information of a service to be subscribed and information of a corresponding request terminal from an egress of a wireless application protocol WAP gateway which communicates with the access network gateway;
    judging whether the cached information of the service to be subscribed and information of the corresponding request terminal that are obtained from the egress of the access network gateway comprise the information of the service to be subscribed and the information of the corresponding request terminal that are obtained from the egress of the WAP gateway;
    if a judgment result is yes, continuing a WAP service subscribing procedure; and
    if the judgment result is no, sending alarm information.
  2. The method according to claim 1, wherein the obtaining the information of the service to be subscribed and the information of the corresponding request terminal from the egress of the WAP gateway comprises:
    obtaining a service request message of the request terminal from the egress of the WAP gateway, and obtaining the information of the service to be subscribed and the information of the corresponding request terminal in the service request message, wherein the information of the service to be subscribed comprises a network address of the service to be subscribed, and the information of the request terminal comprises identification information of the request terminal.
  3. The method according to claim 2, wherein the caching the information of the service to be subscribed and the information of the corresponding request terminal that are obtained from the egress of the access network gateway comprises:
    obtaining an online request message of the request terminal from the egress of the access network gateway, obtaining and caching the information which is of the request terminal and which is carried in the online message, wherein the information of the request terminal comprises an IP address of the request terminal and the identification information of the request terminal, and further caching correspondence between the IP address of the request terminal and the identification information of the request terminal; and
    obtaining the service request message of the request terminal from the egress of the access network gateway, obtaining and caching the information which is of the service to be subscribed and which is carried in the service request message, wherein the information of the service to be subscribed comprises the network address of the service to subscribed, and further caching correspondence between the IP address of the request terminal and the network address of the service to be subscribed.
  4. The method according to claim 3, wherein the judging whether cached information comprises the information of the service to be subscribed and the information of the corresponding request terminal that are obtained from the egress of the WAP gateway comprises:
    judging whether the cached information comprises the identification information which is of the request terminal and which is obtained from the egress of the WAP gateway;
    if yes, judging whether the cached information comprises a corresponding IP address and the correspondence between the identification information and the IP address of the request terminal;
    if yes, judging whether the cached information comprises a corresponding network address and the correspondence between the IP address of the request terminal and the network address of the service to be subscribed; and
    if yes, judging whether the cached network address is the same as the network address which is of the service to be subscribed and which is obtained from the egress of the WAP gateway.
  5. The method according to claim 2, wherein the caching the information of the service to be subscribed and the information of the corresponding request terminal that are obtained from the egress of the access network gateway comprises:
    obtaining an online request message of the request terminal from the egress of the access network gateway, and obtaining and caching the information which is of the request terminal and which is carried in the online message, wherein the information of the request terminal comprises the identification information of the request terminal; and
    obtaining the service request message of the request terminal from the egress of the access network gateway, obtaining and caching the information which is of the service to be subscribed and which is carried in the service request message, wherein the information of the service to be subscribed comprises the network address of the service to be subscribed, and further caching correspondence between the identification information of the request terminal and the network address of the service to be subscribed.
  6. The method according to claim 5, wherein the judging whether cached information comprises the information of the service to be subscribed and the information of the corresponding request terminal that are obtained from the egress of the WAP gateway comprises:
    judging whether the cached information comprises the identification information which is of the request terminal and which is obtained from the egress of the WAP gateway;
    if yes, judging whether the cached information comprises a corresponding network address and the correspondence between the identification information of the request terminal and the network address of the service to be subscribed; and
    if yes, judging whether the cached network address is the same as the network address which is of the service to be subscribed and which is obtained from the of the WAP gateway.
  7. The method according to any one of claims 1 to 6, wherein according to preset identification information of a WAP service to be monitored, a subscribing process of the WAP service to be monitored is monitored.
  8. The method according to any one of claims 3 to 6, wherein after judgment, the method further comprises:
    obtaining an offline request message of the request terminal from the egress of the access network gateway, and obtaining the identification information which is of the request terminal and which is carried in the offline request message; and
    deleting corresponding information in a cache according to the identification information of the request terminal.
  9. The method according to any one of claims 1 to 6, wherein the alarm information comprises the information of the service to be subscribed and/or the information of the corresponding request terminal.
  10. An apparatus for monitoring a WAP service subscribing process, comprising:
    a first monitoring module, set at an egress of an access network gateway, and configured to obtain information of a service to be subscribed and information of a corresponding request terminal;
    a caching module, configured to cache the information obtained by the first monitoring module;
    a second monitoring module, set at an egress of a wireless application protocol WAP gateway which communicates with the access network gateway, and configured to obtain information of the service to be subscribed and information of the corresponding request terminal;
    a service judging module, configured to judge whether the information cached by the caching module comprises the information of the service to be subscribed and the information of the corresponding request terminal that are obtained by the second monitoring module; and
    a service processing module, configured to continue a WAP service subscribing procedure when a judgment result of the service judging module is yes, and send alarm information when the judgment result of the service judging module is no.
  11. The apparatus according to claim 10, wherein the second monitoring module is specifically configured to obtain a service request message of the request terminal, and obtain the information of the service to be subscribed and the information of the corresponding request terminal in the service request message, wherein the information of the service to be subscribed comprises a network address of the service to be subscribed, and the information of the request terminal comprises identification information of the request terminal.
  12. The apparatus according to claim 11, wherein the first monitoring module is specifically configured to obtain an online request message of the request terminal, and obtain the information which is of the request terminal and which is carried in the online message, wherein the information of the request terminal comprises an IP address of the request terminal and the identification information of the request terminal, and further configured to obtain the service request message of the request terminal, and obtain the information which is of the service to be subscribed and which is carried in the service request message, wherein the information of the service to be subscribed comprises the network address of the service to be subscribed; and the caching module is specifically configured to cache the IP address of the request terminal, the identification information of the request terminal, and correspondence between the IP address of the request terminal and the identification information of the request terminal, and further cache the network address of the service to be subscribed and correspondence between the IP address of the request terminal and the network address of the service to be subscribed.
  13. The apparatus according to claim 12, wherein the service judging module is specifically configured to judge whether cached information comprises the identification information which is of the request terminal and which is obtained from the egress of the WAP gateway; if yes, judge whether the cached information comprises a corresponding IP address and the correspondence between the identification information and the IP address of the request terminal; if yes, judge whether the cached information comprises a corresponding network address and the correspondence between the IP address of the request terminal and the network address of the service to be subscribed; and if yes, judge whether the cached network address is the same as the network address which is of the service to be subscribed and which is obtained from the egress of the WAP gateway; and
    the service processing module is specifically configured to continue the WAP service subscribing procedure when all judgment results of the service judging module are yes, and otherwise, send the alarm information.
  14. The apparatus according to claim 11, wherein the first monitoring module is specifically configured to obtain an online request message of the request terminal, and obtain the information which is of the request terminal and which is carried in the online message, wherein the information of the request terminal comprises the identification information of the request terminal, and further configured to obtain the service request message of the request terminal, and obtain the information which is of the service to be subscribed and which is carried in the service request message, wherein the information of the service to be subscribed comprises the network address of the service to be subscribed; and the caching module is specifically configured to cache the identification information of the request terminal, and further cache the network address of the service to be subscribed and correspondence between the identification information of the request terminal and the network address of the service to be subscribed.
  15. The apparatus according to claim 14, wherein the service judging module is specifically configured to judge whether the cached information comprises the identification information which is of the request terminal and which is obtained from the egress of the WAP gateway; if yes, judge whether the cached information comprises a corresponding network address and the correspondence between the identification information of the request terminal and the network address of the service to be subscribed; if yes, judge whether the cached network address is the same as the network address which is of the service to be subscribed and which is obtained from the egress of the WAP gateway; and
    the service processing module is specifically configured to continue the WAP service subscribing procedure when all judgment results of the service judging module are yes, and otherwise, send the alarm information.
  16. The apparatus according to any one of claims 10 to 15, wherein the apparatus is specifically configured to, according to preset identification information of a WAP service to be monitored, monitor a subscribing process of the WAP service to be monitored.
EP11786021.3A 2010-05-28 2011-05-06 Method and apparatus for monitoring process of subscribing wap services Active EP2579637B1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201010193907.6A CN102264073B (en) 2010-05-28 2010-05-28 Method and device for monitoring WAP (Wireless Application Protocol) service subscribing process
PCT/CN2011/073746 WO2011147249A1 (en) 2010-05-28 2011-05-06 Method and apparatus for monitoring process of subscribing wap services

Publications (3)

Publication Number Publication Date
EP2579637A4 EP2579637A4 (en) 2013-04-10
EP2579637A1 true EP2579637A1 (en) 2013-04-10
EP2579637B1 EP2579637B1 (en) 2014-04-02

Family

ID=45003293

Family Applications (1)

Application Number Title Priority Date Filing Date
EP11786021.3A Active EP2579637B1 (en) 2010-05-28 2011-05-06 Method and apparatus for monitoring process of subscribing wap services

Country Status (3)

Country Link
EP (1) EP2579637B1 (en)
CN (1) CN102264073B (en)
WO (1) WO2011147249A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2016177460A (en) * 2015-03-19 2016-10-06 株式会社リコー System and program

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2004112346A1 (en) * 2003-06-19 2004-12-23 Nokia Corporation Improvements in security of a communication system
US7120148B1 (en) * 2002-02-12 2006-10-10 Cisco Technology, Inc. System and method for providing source awareness in a wireless application protocol network environment
US20080065746A1 (en) * 2006-09-07 2008-03-13 Ace*Comm Corporation Consumer configurable mobile communication web filtering solution

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7068999B2 (en) * 2002-08-02 2006-06-27 Symbol Technologies, Inc. System and method for detection of a rogue wireless access point in a wireless communication network
CN1905593A (en) * 2005-07-26 2007-01-31 中国移动通信集团公司 Method for processing communication value increasing service ordering information
CN101137160B (en) * 2006-09-01 2010-04-21 华为技术有限公司 Method and system to detect tracing state and tracing proxy, tracking control server
CN101304434B (en) * 2008-05-21 2011-03-23 中国联合网络通信集团有限公司 System and method for preventing WAP service from illegally ordering
CN101378551A (en) * 2008-09-26 2009-03-04 中兴通讯股份有限公司 WAP business system and method
CN101635895B (en) * 2009-07-31 2014-03-12 青岛海信移动通信技术股份有限公司 Website content subscribing system, website content subscribing method, mobile communication terminal and server

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7120148B1 (en) * 2002-02-12 2006-10-10 Cisco Technology, Inc. System and method for providing source awareness in a wireless application protocol network environment
WO2004112346A1 (en) * 2003-06-19 2004-12-23 Nokia Corporation Improvements in security of a communication system
US20080065746A1 (en) * 2006-09-07 2008-03-13 Ace*Comm Corporation Consumer configurable mobile communication web filtering solution

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
Juniper Networks: "NetScreen ScreenOS 5.0.0 GPRS. Reference Guide", , 2004, XP002690861, Retrieved from the Internet: URL:http://www.juniper.net/techpubs/software/screenos/screenos5x/screenos5xgprs/GPRS.pdf [retrieved on 2013-01-23] *
See also references of WO2011147249A1 *

Also Published As

Publication number Publication date
EP2579637B1 (en) 2014-04-02
CN102264073B (en) 2014-04-16
EP2579637A4 (en) 2013-04-10
WO2011147249A1 (en) 2011-12-01
CN102264073A (en) 2011-11-30

Similar Documents

Publication Publication Date Title
JP3981118B2 (en) Method for notifying a legitimate intercept system of a service system that services an intercepted goal
JP5479450B2 (en) Telecommunications network
WO2022046176A1 (en) Methods, systems, and computer readable media for 5g user equipment (ue) historical mobility tracking and security screening using mobility patterns
WO2007080399A1 (en) Provision of position information in telecommunications networks
DE102012100303A1 (en) A stateful paging monitor and method for controlling a stateful paging monitor
US9537817B2 (en) Method and apparatus for obtaining destination IP address
EP2579637A1 (en) Method and apparatus for monitoring process of subscribing wap services
EP3289793B1 (en) Method, mobile switching centre, msc, and a computer program product for detecting interconnect bypass
CN105409288A (en) User management method, corresponding device and system of shared network
EP2865199B1 (en) Machine type communication interworking function
CN1549621A (en) Method for realizing legal monitoring
CN111163033B (en) Message forwarding method and device, communication network element and computer readable storage medium
EP3095221B1 (en) Methods and nodes supporting lawful intercept
EP1779693A1 (en) Lawful interception of location based service traffic
CN104581658A (en) Terminating processing method and device
CN102158859A (en) Control method for monitoring user, monitoring system and network node
KR20100030900A (en) Method and system for intercepting unusual call in wireless data communication environment
Cao et al. Security analysis of DoS attack against the LTE-A system
CN106664309B (en) A kind of processing method, alarming method for power and the user terminal of mobile network's safety
CN100407800C (en) Monitoring method based on general mobile communication system
CN110392353B (en) Short message sending method and device
KR100896844B1 (en) Server device for roaming packet data service, system and method
CN103686732B (en) New DIAMETER signaling for mobile IPV4
WO2022233443A1 (en) Detection of false base stations
CN100471138C (en) A method of packet data service snooping

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20120627

A4 Supplementary search report drawn up and despatched

Effective date: 20130218

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

DAX Request for extension of the european patent (deleted)
GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

INTG Intention to grant announced

Effective date: 20131108

GRAS Grant fee paid

Free format text: ORIGINAL CODE: EPIDOSNIGR3

GRAA (expected) grant

Free format text: ORIGINAL CODE: 0009210

AK Designated contracting states

Kind code of ref document: B1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

REG Reference to a national code

Ref country code: GB

Ref legal event code: FG4D

REG Reference to a national code

Ref country code: AT

Ref legal event code: REF

Ref document number: 660749

Country of ref document: AT

Kind code of ref document: T

Effective date: 20140415

Ref country code: CH

Ref legal event code: EP

REG Reference to a national code

Ref country code: IE

Ref legal event code: FG4D

REG Reference to a national code

Ref country code: DE

Ref legal event code: R096

Ref document number: 602011005971

Country of ref document: DE

Effective date: 20140515

REG Reference to a national code

Ref country code: AT

Ref legal event code: MK05

Ref document number: 660749

Country of ref document: AT

Kind code of ref document: T

Effective date: 20140402

REG Reference to a national code

Ref country code: NL

Ref legal event code: VDEP

Effective date: 20140402

REG Reference to a national code

Ref country code: LT

Ref legal event code: MG4D

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: FI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20140402

Ref country code: GR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20140703

Ref country code: LT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20140402

Ref country code: NL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20140402

Ref country code: CZ

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20140402

Ref country code: CY

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20140402

Ref country code: BG

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20140702

Ref country code: NO

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20140702

Ref country code: IS

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20140802

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: PL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20140402

Ref country code: SE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20140402

Ref country code: HR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20140402

Ref country code: LV

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20140402

Ref country code: AT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20140402

Ref country code: RS

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20140402

Ref country code: ES

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20140402

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: PT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20140804

REG Reference to a national code

Ref country code: CH

Ref legal event code: PL

REG Reference to a national code

Ref country code: DE

Ref legal event code: R097

Ref document number: 602011005971

Country of ref document: DE

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: MC

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20140402

Ref country code: BE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20140402

Ref country code: CH

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20140531

Ref country code: EE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20140402

Ref country code: SK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20140402

Ref country code: DK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20140402

Ref country code: RO

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20140402

Ref country code: LI

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20140531

PLBE No opposition filed within time limit

Free format text: ORIGINAL CODE: 0009261

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT

REG Reference to a national code

Ref country code: IE

Ref legal event code: MM4A

26N No opposition filed

Effective date: 20150106

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: IT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20140402

REG Reference to a national code

Ref country code: DE

Ref legal event code: R097

Ref document number: 602011005971

Country of ref document: DE

Effective date: 20150106

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: IE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20140506

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: RS

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20141119

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: SI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20140402

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: MT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20140402

REG Reference to a national code

Ref country code: FR

Ref legal event code: PLFP

Year of fee payment: 6

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: SM

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20140402

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LU

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20140506

Ref country code: HU

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT; INVALID AB INITIO

Effective date: 20110506

Ref country code: TR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20140402

REG Reference to a national code

Ref country code: FR

Ref legal event code: PLFP

Year of fee payment: 7

REG Reference to a national code

Ref country code: FR

Ref legal event code: PLFP

Year of fee payment: 8

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: MK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20140402

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: AL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20140402

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: GB

Payment date: 20220401

Year of fee payment: 12

Ref country code: FR

Payment date: 20220408

Year of fee payment: 12

Ref country code: DE

Payment date: 20220329

Year of fee payment: 12

REG Reference to a national code

Ref country code: DE

Ref legal event code: R119

Ref document number: 602011005971

Country of ref document: DE

GBPC Gb: european patent ceased through non-payment of renewal fee

Effective date: 20230506